athenzutils

package
v1.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 19, 2022 License: Apache-2.0 Imports: 16 Imported by: 2

README

athenzutils

Go library to return zts client given private key and certificate.

License

Copyright 2018 Yahoo Holdings, Inc.

Licensed under the Apache License, Version 2.0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractHostname added in v1.10.20

func ExtractHostname(x509Cert x509.Certificate) string

ExtractHostname returns the hostname from the SAN URIs field of the given certificate: https://golang.org/pkg/crypto/x509/#Certificate.URIs. If the certificate does not have the hostname in the SAN URIs field, an empty string is returned.

func ExtractInstanceId

func ExtractInstanceId(x509Cert x509.Certificate) (string, error)

func ExtractServicePrincipal

func ExtractServicePrincipal(x509Cert x509.Certificate) (string, error)

ExtractServicePrincipal returns the Athenz Service principal for the given certificate which could be either a service certificate or a role certificate. If the certificate does not have the Athenz expected name format the method will an appropriate error.

func FetchIdToken added in v1.10.46

func FetchIdToken(ztsURL, svcKeyFile, svcCertFile, svcCACertFile, clientId, redirectUri, scope, nonce, state, keyType string, proxy bool) (string, error)

func FetchIdTokenExpiryTime added in v1.10.46

func FetchIdTokenExpiryTime(idToken string) (*time.Time, error)

func GenerateAccessTokenRequestString added in v1.10.15

func GenerateAccessTokenRequestString(domain, service, roles, authzDetails, proxyPrincipalSpiffeUris string, expiryTime int) string

GenerateAccessTokenRequestString generates and urlencodes an access token string.

func GetK8SClientAuthCredential added in v1.10.46

func GetK8SClientAuthCredential(idToken string) (string, error)

func LoadPublicKey added in v1.10.46

func LoadPublicKey(publicKeyPEM []byte) (interface{}, error)

LoadPublicKey returns public key object for the given PEM data

func LoadX509Certificate

func LoadX509Certificate(certFile string) (*x509.Certificate, error)

LoadX509Certificate reads and parses the x509.Certificate from the specified file.

func ZtsClient

func ZtsClient(ztsURL, keyFile, certFile, caCertFile string, proxy bool) (*zts.ZTSClient, error)

ZtsClient creates and returns a ZTS client instance.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL